/***************************************************************************************
 *Endeavour - Application Lifecycle Management
 *Copyright (C) 2009  Ezequiel Cuellar
 *
 *This program is free software: you can redistribute it and/or modify
 *it under the terms of the GNU General Public License as published by
 *the Free Software Foundation, either version 3 of the License, or
 *(at your option) any later version.
 *
 *This program is distributed in the hope that it will be useful,
 *but WITHOUT ANY WARRANTY; without even the implied warranty of
 *MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *GNU General Public License for more details.
 *
 *You should have received a copy of the GNU General Public License
 *along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ***************************************************************************************/
package org.endeavour.mgmt.controller.servlet;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServlet;

import org.endeavour.mgmt.model.ProjectMember;
import org.endeavour.mgmt.model.persistence.PersistenceManager;

public class SecureDownloadServlet extends HttpServlet {

	public static final long serialVersionUID = -11232390009993412L;

	protected boolean hasAccess(String aUserName, String aPassword) {
		aUserName=aUserName.toLowerCase();
		List<Object> theParameters = new ArrayList<Object>();
		theParameters.add(aUserName);
		boolean hasAccess = true;
		PersistenceManager thePersistenceManager = new PersistenceManager();
		thePersistenceManager.beginTransaction();
		ProjectMember theUser = (ProjectMember) thePersistenceManager.findBy("select user from " + ProjectMember.class.getSimpleName() + " user where lower(user.userId) = ?", theParameters);
		if (theUser != null) {
			if (!theUser.isPasswordCorrect(aPassword)) {
				hasAccess = false;
			}
		} else {
			hasAccess = false;
		}
		thePersistenceManager.endTransaction();
		return hasAccess;
	}
}
